Форумы / Cotonti / Bugs / Genoa 0.6.24 users.profile.inc.php password update problem

MecTruy
#1 10.10.2012 07:45

Genoa 0.6.24 system/core/users/users.profile.inc.php password update problem, if you want change your password, you can't because users.profile.inc.php have a problem ! so we know cotonti password system changed with sha256 salt. but users.profile.inc.php just using md5 Crypt system, i did fix this. i did share fix codes, but Trustmaster must be control my codes, its working but maybe i did little wrong :)

fix code:  http://www.cotonti.com/pastebin/196

 

Kurta sormuşlar senin ensen neden kalın ? diye, Kendi işimi kendim yaparımda ondan demiş...
Отредактировано: MecTruy (10.10.2012 13:30, 11 лет назад)
pieter
#2 10.10.2012 09:57

Please use pastbin to put in a lot of code:

http://www.cotonti.com/pastebin/

... can we help you ...
Trustmaster
#3 10.10.2012 18:33

Can anybody confirm the problem? I've just tested on a Genoa 0.6.24 instance and I was able to update the old md5 password to a new sha256 in profile.

May the Source be with you!
MecTruy
#4 15.10.2012 10:47

Trustmaster, have a problem you can control $roldpass = md5($roldpass); look this where is sha256 salt ?  old account always must use md5 passwords.

Kurta sormuşlar senin ensen neden kalın ? diye, Kendi işimi kendim yaparımda ondan demiş...
Trustmaster
#5 15.10.2012 17:14

Old accounts use md5() hashes, this is default behavior. They are only updated to sha256 when they change password in profile. You don't need to use md5() function in profile because it is used by sed_hash() if current user_hashfunc value is md5 (which is so for existing users). If there are problems with that, then patch-0.6.23-0.6.24.sql is not applied correctly on your database.

May the Source be with you!
MecTruy
#6 16.10.2012 07:31

i understand now, it means who is using md5 password they will stay always with this hash only new member will use sha256, but with my code when time you will update your password change with sha256 :)  http://www.cotonti.com/pastebin/196

Kurta sormuşlar senin ensen neden kalın ? diye, Kendi işimi kendim yaparımda ondan demiş...
Trustmaster
#7 16.10.2012 11:42

but with my code when time you will update your password change with sha256 :)

Same is done in 0.6.24 by default. So you have done the same in your code that it already does :) But thanks for your effort to help!

May the Source be with you!